– Check Point’s research
team has discovered a new family of malicious
apps on Google Play, Google’s official app store. The new strain of
malware, dubbed DressCode, can pose significant danger to both users and enterprises alike. Once installed, the
attacker can use your device to transmit to and from the internet and internal corporate networks. If you have access to
your internal corporate web services, so will the attacker. Here’s how it works. The attack will start with the user installing one of the malicious apps directly from Google Play. The malware will be disguised
as a simple innocent game. If the mobile device has access to data stored on the internal
corporate web service, the attacker can now exploit this. The attacker will initiate the attack by establishing communication
with the device. Next, they’ll send the device a command to retrieve sensitive files
from the internal network. The malware will mow
retrieve those desired files and relay them back to the attacker. This is a perfect example
of how mobile security can have a significant impact, not just on the security
of the devices themselves, but on the security of the
entire corporate network.